Given the rapid expansion of the Internet, the widespread transmission of data and the ongoing concerns of privacy and security, cryptography, including the use of certificates, public, and private keys, is an area to which considerable attention must be directed. Additionally, maintaining the validity of electronic certificates is a crucial part of ensuring electronic security. The need for maintaining security exists in the transmission of e-mail, use of Secured Socket Layer (SSL), use of IP Secure (IPSec), use of Smart Cards, signing applets or other computer readable instructions, and software licensing.
E-mail can be digitally signed to ensure authentication of the sender. A certificate is used to validate the sender's identity. SSL is a protocol used to provide encrypted communications over the Internet. SSL is under the application layer (HTTP, SMTP, Telnet or FTP), and above the connection layer (TCP/IP), and relies upon certificates. IPSec is a protocol providing security for electronic transmissions at the packet level. IPSec is used to secure packets at the network layer traveling between two devices or peers as the authentication between them can rely upon certificates. Smart Cards use certificates to verify the private key on the smart card. Applet and code signing involves digitally signing the applet or code using certificates, either privately created, or received from a Certificate Authority, for validating signatures. Certificates can be used to help software vendors track licenses. A key can be provided to a customer downloading software, thereby allowing the customer to decrypt and use the downloaded software product. The customer provides identification information that is used to create a certificate for the customer. The keys that allow the customers to access the software are then bound to the certificate. Tracking the customer's certificate allows the reader to control the customer's ability to use the software. When the certificate is revoked, the customer can no longer use the software thereby allowing the vendor to control licensing.
In the above cases, electronic transmissions are made over an unsecure network. Therefore, when the transmission of data needs to be secured, the use of a certificate is often required. For this process to be secure, it is necessary to determine if the certificate is still valid, i.e.; that it has not been revoked.
A certificate is analogous to a passport, driver's license, or other identification means. It is used to prove the identity of an entity in a way that can be verified through a third party. For example, the United States State Department issues passports and has checks in place to ensure that the information contained on an issued passport properly and truthfully identifies the entity shown in the passport. A certificate authority (“CA”) performs the same function for digital certificates as the State Department does for passports. To issue a certificate, the CA requires independently verifiable information to be submitted so that the identity of the certificate requesting entity can be known. Upon verification, the CA issues a certificate to the requesting entity and ties the certificate to the entity's identification. This can be achieved by having the requesting entity provide appropriate identification, and prove that they possess an associated private key. The certificate now serves as an electronic identification for that entity since it has been verified by a trusted third party.
Once a certificate has been issued to an entity, the certificate must be managed. For example, the entity's name or address may change, the entity may cease to exist, the certificate may need to be suspended or the entity may have lost the private key or the pass phrase that guards it. If these, or other events occur so that the identity is compromised, it may be desirable to revoke the certificate so that the certificate is no longer valid.
Traditionally, revocation under an X.509 compliant PKI involves contacting the CA that issued the certificate and requesting that the certificate be revoked. The certificate is then published in a certificate revocation list (CRL). The CRL contains the identification information of all certificates from that CA that have been revoked. However, it is up to a party wishing to validate a certificate to query the CRL from the CA. If the certificate that is the subject of the query is listed in the CRL, then it has been revoked. Generally, the CRL also contains the revocation date and time associated with a revoked certificate. Unfortunately, very few software applications that rely upon certificates actually perform the task of finding and checking the CRL for revoked certificates. Traditionally, the entire CRL of the CA must be downloaded by the software application in order to check for certificate revocation. Also, there are many CA's and the CRL must be downloaded from each CA. To compound the problem, CRL's are published in versions and updates so that to search a revoked certificate the most current CRL and any subsequent updates or addendums need be searched for all CA's. Therefore, the processing and transmission time for checking revocation is a difficult and computationally intensive task. While real-time checking does exist, these methods are neither sufficiently scalable nor simple to have obtained widespread use or support.
In further describing this invention, the following terms may be used:
Certificate—an electronic document used to identify an individual, a server, a company, or some other entity, and to associate that entity with a public key. Certificates generally contain identifying information about the certificate holder, an associated key and information about the Certificate Authority.
Certificate Authority—an entity that authenticates identities and issues certificates to those entities.
Domain Name System (“DNS”)—a general purpose distributed data query service for translating host names into Internet addresses.
Public Key—one key of a key pair that is used to encrypt or decrypt a message or document and mathematically linked to a private key.
Private Key—one key of a key pair that is used to encrypt or decrypt a message or document encrypted with a public key and mathematically linked to the public key.
Public Key Infrastructure—a system for providing public and private key pairs as well as publishing public keys.
Validation—the process of determining whether a public key is still valid.
Authentication—the process of using a public key and certificate to determine that a transmission signed by the associated private key was actually sent from the named sender.